Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the #admins a ...
June 25, 2024
CVE-2024-29868: Use of Cryptographically Weak PRNG in Recovery Token Generation
This repository contains the proof of concept related to CVE-2024-29868 that affects Apache StreamPipes from v0.69.0 th ...
June 25, 2024
Interesting paper about a German cryptanalysis machine that helped break the US M-209 mechanical ciphering machine. The paper contains a good description of how the M-209 ...
June 25, 2024
WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions up to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible ...
June 25, 2024
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1530-2 advisory. grafana was updated to version 9 ...
June 25, 2024